← LibraryTechnique entry
M365-APP-PASSWORDCredential Access
Legacy App Password / Basic Auth
Some tenants still allow EWS basic auth or app passwords — bypass MFA via legacy protocols.
§ Where this technique fits
M365-APP-PASSWORD is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.